diff options
author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2017-07-26 04:33:01 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-07-26 04:33:01 -0700 |
commit | 6d2200808b618f0fc8b163d7e03e16c2827c4eeb (patch) | |
tree | fa3a99ed77e03e55c97e11e54bd565006f92ca32 /tests | |
parent | 715a2e6fa37e15cda96f02a48b9fdccdaf66fed3 (diff) | |
parent | ee17e8f9b732f5b08f2b94a67ef92ccc33f19b01 (diff) | |
download | pysaml2-6d2200808b618f0fc8b163d7e03e16c2827c4eeb.tar.gz |
Merge pull request #431 from c00kiemon5ter/feature-force-authn-configuration
Add force_authn sp configuration option
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_31_config.py | 11 | ||||
-rw-r--r-- | tests/test_51_client.py | 11 |
2 files changed, 22 insertions, 0 deletions
diff --git a/tests/test_31_config.py b/tests/test_31_config.py index 623c944f..eb8480c6 100644 --- a/tests/test_31_config.py +++ b/tests/test_31_config.py @@ -68,6 +68,7 @@ sp2 = { }, "authn_requests_signed": True, "logout_requests_signed": True, + "force_authn": True, } }, #"xmlsec_binary" : "/opt/local/bin/xmlsec1", @@ -408,5 +409,15 @@ def test_crypto_backend(): sec = security_context(idpc) assert isinstance(sec.crypto, CryptoBackendXMLSecurity) +def test_unset_force_authn(): + cnf = SPConfig().load(sp1) + assert bool(cnf.getattr('force_authn', 'sp')) == False + + +def test_set_force_authn(): + cnf = SPConfig().load(sp2) + assert bool(cnf.getattr('force_authn', 'sp')) == True + + if __name__ == "__main__": test_crypto_backend() diff --git a/tests/test_51_client.py b/tests/test_51_client.py index 1806de41..937e0e20 100644 --- a/tests/test_51_client.py +++ b/tests/test_51_client.py @@ -280,6 +280,17 @@ class TestClient: assert nid_policy.allow_create == "false" assert nid_policy.format == saml.NAMEID_FORMAT_TRANSIENT + def test_create_auth_request_unset_force_authn(self): + req_id, req = self.client.create_authn_request( + "http://www.example.com/sso", sign=False, message_id="id1") + assert bool(req.force_authn) == False + + def test_create_auth_request_set_force_authn(self): + req_id, req = self.client.create_authn_request( + "http://www.example.com/sso", sign=False, message_id="id1", + force_authn="true") + assert bool(req.force_authn) == True + def test_create_auth_request_nameid_policy_allow_create(self): conf = config.SPConfig() conf.load_file("sp_conf_nameidpolicy") |